<![CDATA[GraphQL is a web-based client-server communication architecture for data communication using the HTTP protocol. GraphQL is divided into three parts, namely schema, query and resolver. In schema, there were two parts namely the query that functions to retrieve data and the mutation functions as updating data. The query had a function to display data from the server. Resolver here had a function as a connector between the schema function with the existing data. On the GraphQL, the HTTP protocol communication process ran without any authentication mechanism. The authentication mechanism worked so that the user account could access his own resources. JWT which was a token-based authentication mechanism was chosen to overcome the lack of authentication features in graphQL architecture. The HS256 algorithm was one of the algorithms implemented in JWT as a hashing algorithm. The HS256 algorithm belongs to the HMAC-SHA256 algorithm that used the message authentication code (MAC), so it was also called as HMAC-SHA256. In 2011 there were pre-image attack, so that they became threatened the security of the SHA256 algorithm in the following years. The BLAKE2B algorithm was an algorithm derived from the BLAKE algorithm as a hashing algorithm that used message authentication code (MAC). The security level of the BLAKE2B algorithm was better than the HS256 algorithm. This research implemented the BLAKE2B algorithm on JSON Web Token for query language authentication mechanisms and as an alternative to the HMAC-SHA256 algorithm. Several methods were functional system to test the suitability of the system and in accordance with the objectives, the vector-test examination was conducted to determine the suitability of the results between the algorithm implemented with the provisions contained in the RFC document, and time-authentication test was carried out to determine how long it took for the BLAKE2B algorithm to produce a message digest and it was obtained that BLAKE2B algorithm was 96% faster than HMAC-SHA256]]>
